package com.qf.fengmimall.shiro;

import cn.hutool.jwt.JWT;
import com.qf.fengmimall.constant.Constants;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.web.filter.AccessControlFilter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import java.nio.charset.StandardCharsets;

/**
 * @author 刘欣
 * @createTime 2023/2/20 23:43
 * @description
 */
@Slf4j
public class JwtShiroFilter extends AccessControlFilter {
    @Override
    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object o) throws Exception {
        HttpServletRequest req = (HttpServletRequest) servletRequest;

        String token = req.getHeader("token");

        if (token == null || "".equals(token)) {
            log.debug("没有携带token");
        }

        //校验token合法性

        boolean validate = JWT.of(token).setKey(Constants.SECRET.getBytes(StandardCharsets.UTF_8)).validate(0);

        if (validate) {
            log.debug("token 校验通过");
            return true;
        } else {
            log.debug("token 校验失败");
            return false;
        }

    }

    @Override
    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        return false;
    }
}
